Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
garage vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5880
When the Genie Company Aladdin Connect garage door opener (Retrofit-Kit Model ALDCM) is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Jav...
Geniecompany Aladdin Connect Garage Door Opener Firmware
NA
CVE-2023-5881
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID settings.
Geniecompany Aladdin Connect Garage Door Opener Firmware
NA
CVE-2023-1748
The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with unauthenticated access to the Nexx Home mobile application or the affected firmware could view the credentials and access the MQ Telemetry Server (MQTT) server and the ability to remotely ...
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
NA
CVE-2023-1749
The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could send API requests that the affected devices would execute.
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
NA
CVE-2023-1750
The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could retrieve device history, set device settings, and retrieve device information.
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
NA
CVE-2023-1751
The listed versions of Nexx Smart Home devices use a WebSocket server that does not validate if the bearer token in the Authorization header belongs to the device attempting to associate. This could allow any authorized user to receive alarm information and signals meant for othe...
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
NA
CVE-2023-1752
The listed versions of Nexx Smart Home devices could allow any user to register an already registered alarm or associated device with only the device’s MAC address.
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
NA
CVE-2022-44279
Garage Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /garage/php_action/createBrand.php.
Garage Management System Project Garage Management System 1.0
NA
CVE-2022-41551
Garage Management System v1.0 exists to contain a SQL injection vulnerability via the id parameter at /garage/editorder.php.
Garage Management System Project Garage Management System 1.0
NA
CVE-2022-41358
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php.
Garage Management System Project Garage Management System 1.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »